Configuring arp restricted forwarding, Displaying and maintaining arp detection, User validity check configuration example – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

336

Configuring ARP restricted forwarding

ARP restricted forwarding controls the forwarding of ARP packets that are received on untrusted ports

and have passed ARP detection in the following cases:

•

If the packets are ARP requests, they are forwarded through the trusted ports.

•

If the packets are ARP responses, they are forwarded according to their destination MAC address.
If no match is found in the MAC address table, they are forwarded through the trusted ports.

Before performing the following configuration, make sure you have configured the arp detection enable
command.
To enable ARP restricted forwarding:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter VLAN view.

vlan vlan-id N/A

3.

Enable ARP restricted
forwarding.

arp restricted-forwarding enable

Disabled by default

Displaying and maintaining ARP detection

Task Command

Remarks

Display the VLANs enabled
with ARP detection.

display arp detection [ | { begin | exclude |
include } regular-expression ]

Available in any view

Display the ARP detection
statistics.

display arp detection statistics [ interface
interface-type interface-number ] [ | { begin |

exclude | include } regular-expression ]

Available in any view

Clear the ARP detection
statistics.

reset arp detection statistics [ interface
interface-type interface-number ]

Available in user view

User validity check configuration example

Network requirements

As shown in

Figure 142

:

•

Configure the DHCP server on the switch.

•

Configure 802.1X on the AC.

•

Enable ARP detection in VLAN 10 to check user validity based on 802.1X entries.

•

Configure Client 1 and Client 2 as 802.1X users.